- Double check if org_name exist. Empty name will crash Elastissearch's 'exist' search
- Move try-statement to include open() to catch if files do not exist
- Enclose Elasticsearch's execute in a try-statement to catch any invalid searches when variables are empty/missing
- Fix handling of non-domain organization names (PR #411 fixes issue #410)
- Ignore rua reports with a date range that is too long to be valid (PR #408 fixes issue #282)
- Add support for Azure Log Analytics (PR #394)
- Fix a bug in the Microsoft Graph integration that caused a crash when an inbox has 10+ folders (PR #398)
- Documentation fixes
* Set global TOC collapse to false
* Split documentation
I tried to split the index.md file into logical parts, not changing the contents.
I did add a space and change one HTTP URL to HTTPS.
---------
Co-authored-by: Sean Whalen <44679+seanthegeek@users.noreply.github.com>
* Implemented Azure Log Analytics ingestion via Data Collection Rules
* Update loganalytics.py
* Update cli.py
* Update pyproject.toml
* Fixed config bug
Fixed a bug that causes the program to fail if you do not configure a Data stream.
* Fixed code format
```
org.elasticsearch.ElasticsearchSecurityException: invalid configuration for xpack.security.transport.ssl - [xpack.security.transport.ssl.enabled] is not set, but the following settings have been configured in elasticsearch.yml : [xpack.security.transport.ssl.keystore.secure_password,xpack.security.transport.ssl.truststore.secure_password]
```
* Fixed Bug in graph.py
Fixed Bug regarding the finding of a specific folder.
This Bug caused parsedmarc to crash if it could not find the folder in one Ms Graph request. This is only an issue if your MailBox contains 10+ folders.
It was solved by adding the `$filter=displayName eq '{folder_name}'` param so it would immediatly find the folder.
* Fixed MS Graph Search bug
Fixed bug that causes only 10 messages to be read from MS Graph if batch size is defined as 0.
Fixed formatting
* prevented $top from being 0
- Fix bug introduced in 8.3.1 that caused `No such file or directory` errors if output files didn't exist (PR #385 closes issues #358 and #382)
- Make the `--silent` CLI option only print errors.
Add the `--warnings` options to also print warnings (PR#383)
* Adding warnings argument; silent logs only errors.
* Fixing flake warning for trailing whitespace
* Change help for --warnings to match existing style
Fixes the problem when only a file path was specified instead of a file
Reportet with Issues:
Not a valid aggregate or forensic report after fresh Install with 8.3.x #338
Not a valid aggregate or forensic report after Update to 7.1.1 #287
Add information on how to fix "Elasticsearch error: RequestError(400, 'validation_exception', 'Validation Failed: 1: this action would add [1] shards, but this cluster currently has [1000]/[1000] maximum normal shards open;"
* Update elasticsearch/kibana instructions
[From elastisearch notes](https://www.elastic.co/guide/en/elasticsearch/reference/current/important-settings.html#heap-size-settings) :
```
By default, Elasticsearch automatically sets the JVM heap size based on a node’s roles and total memory. We recommend the default sizing for most production environments.
```
* Update nginx conf to TLSv1.3 and IPv6
* Replace nginx proxy by native https server
Kibana now provide https web server, remove the nginx proxy part and directly use kibana
* Fix typo
* Add infos how to login to kibana
* Add interface details
